root / spec / defines / set_spec.rb @ fcb79d73
Historique | Voir | Annoter | Télécharger (5,84 ko)
| 1 | 20b96360 | Nacho Barrientos | require 'spec_helper'
|
|---|---|---|---|
| 2 | |||
| 3 | describe 'nftables::set' do |
||
| 4 | let(:pre_condition) { 'include nftables' } |
||
| 5 | |||
| 6 | let(:title) { 'my_set' } |
||
| 7 | |||
| 8 | on_supported_os.each do |os, os_facts|
|
||
| 9 | context "on #{os}" do |
||
| 10 | let(:facts) { os_facts }
|
||
| 11 | |||
| 12 | describe 'minimum instantiation' do |
||
| 13 | let(:params) do |
||
| 14 | {
|
||
| 15 | type: 'ipv4_addr', |
||
| 16 | } |
||
| 17 | end
|
||
| 18 | |||
| 19 | it { is_expected.to compile }
|
||
| 20 | it {
|
||
| 21 | is_expected.to contain_concat__fragment('nftables-inet-filter-set-my_set').with(
|
||
| 22 | target: 'nftables-inet-filter', |
||
| 23 | content: %r{^ set my_set \{\n type ipv4_addr\n \}$}m, |
||
| 24 | order: '10', |
||
| 25 | ) |
||
| 26 | } |
||
| 27 | end
|
||
| 28 | |||
| 29 | describe 'max size exceeding the prepopulated elements' do |
||
| 30 | let(:params) do |
||
| 31 | {
|
||
| 32 | type: 'ipv6_addr', |
||
| 33 | elements: ['2001:1458::/32', '2001:1458:1::/48'], |
||
| 34 | size: 1, |
||
| 35 | } |
||
| 36 | end
|
||
| 37 | |||
| 38 | it { is_expected.not_to compile }
|
||
| 39 | end
|
||
| 40 | |||
| 41 | describe 'invalid type' do |
||
| 42 | let(:params) do |
||
| 43 | {
|
||
| 44 | type: 'foo', |
||
| 45 | } |
||
| 46 | end
|
||
| 47 | |||
| 48 | it { is_expected.not_to compile }
|
||
| 49 | end
|
||
| 50 | |||
| 51 | describe 'invalid flags' do |
||
| 52 | let(:params) do |
||
| 53 | {
|
||
| 54 | type: 'ipv4_addr', |
||
| 55 | flags: ['foo'], |
||
| 56 | } |
||
| 57 | end
|
||
| 58 | |||
| 59 | it { is_expected.not_to compile }
|
||
| 60 | end
|
||
| 61 | |||
| 62 | describe 'ipv6 prepopulated' do |
||
| 63 | let(:params) do |
||
| 64 | {
|
||
| 65 | type: 'ipv6_addr', |
||
| 66 | elements: ['2001:1458::/32', '2001:1458:1::/48'], |
||
| 67 | } |
||
| 68 | end
|
||
| 69 | |||
| 70 | it { is_expected.to compile }
|
||
| 71 | it {
|
||
| 72 | is_expected.to contain_concat__fragment('nftables-inet-filter-set-my_set').with(
|
||
| 73 | target: 'nftables-inet-filter', |
||
| 74 | content: %r{^ set my_set \{\n type ipv6_addr\n elements = \{ 2001:1458::/32, 2001:1458:1::/48 \}\n \}$}m, |
||
| 75 | order: '10', |
||
| 76 | ) |
||
| 77 | } |
||
| 78 | end
|
||
| 79 | |||
| 80 | describe 'using flags and auto-merge' do |
||
| 81 | let(:params) do |
||
| 82 | {
|
||
| 83 | type: 'ipv4_addr', |
||
| 84 | 7e5b657a | Steve Traylen | flags: %w[interval timeout], |
| 85 | 20b96360 | Nacho Barrientos | elements: ['192.168.0.1/24'], |
| 86 | auto_merge: true, |
||
| 87 | } |
||
| 88 | end
|
||
| 89 | |||
| 90 | it { is_expected.to compile }
|
||
| 91 | it {
|
||
| 92 | is_expected.to contain_concat__fragment('nftables-inet-filter-set-my_set').with(
|
||
| 93 | target: 'nftables-inet-filter', |
||
| 94 | content: %r{^ set my_set \{\n type ipv4_addr\n flags interval, timeout\n elements = \{ 192.168.0.1/24 \}\n auto-merge\n \}$}m, |
||
| 95 | order: '10', |
||
| 96 | ) |
||
| 97 | } |
||
| 98 | end
|
||
| 99 | |||
| 100 | describe 'using ether_addr as type and custom policy' do |
||
| 101 | let(:params) do |
||
| 102 | {
|
||
| 103 | type: 'ether_addr', |
||
| 104 | elements: ['aa:bb:cc:dd:ee:ff'], |
||
| 105 | policy: 'memory', |
||
| 106 | } |
||
| 107 | end
|
||
| 108 | |||
| 109 | it { is_expected.to compile }
|
||
| 110 | it {
|
||
| 111 | is_expected.to contain_concat__fragment('nftables-inet-filter-set-my_set').with(
|
||
| 112 | target: 'nftables-inet-filter', |
||
| 113 | content: %r{^ set my_set \{\n type ether_addr\n elements = \{ aa:bb:cc:dd:ee:ff \}\n policy memory\n \}$}m, |
||
| 114 | order: '10', |
||
| 115 | ) |
||
| 116 | } |
||
| 117 | end
|
||
| 118 | 9f0498e3 | Nacho Barrientos | |
| 119 | describe 'using raw content' do |
||
| 120 | let(:params) do |
||
| 121 | {
|
||
| 122 | content: 'set my_set { }', |
||
| 123 | } |
||
| 124 | end
|
||
| 125 | |||
| 126 | it { is_expected.to compile }
|
||
| 127 | it {
|
||
| 128 | is_expected.to contain_concat__fragment('nftables-inet-filter-set-my_set').with(
|
||
| 129 | target: 'nftables-inet-filter', |
||
| 130 | content: ' set my_set { }', |
||
| 131 | order: '10', |
||
| 132 | ) |
||
| 133 | } |
||
| 134 | end
|
||
| 135 | |||
| 136 | describe 'fails without a type and not source/content' do |
||
| 137 | it { is_expected.not_to compile }
|
||
| 138 | end
|
||
| 139 | 7bb485c5 | Nacho Barrientos | |
| 140 | describe 'set names with dashes are allowed' do |
||
| 141 | let(:title) { 'my-set' } |
||
| 142 | let(:params) do |
||
| 143 | {
|
||
| 144 | type: 'ether_addr', |
||
| 145 | } |
||
| 146 | end
|
||
| 147 | |||
| 148 | it { is_expected.to compile }
|
||
| 149 | it {
|
||
| 150 | is_expected.to contain_concat__fragment('nftables-inet-filter-set-my-set').with(
|
||
| 151 | target: 'nftables-inet-filter', |
||
| 152 | content: %r{^ set my-set \{\n type ether_addr\n \}$}m, |
||
| 153 | order: '10', |
||
| 154 | ) |
||
| 155 | } |
||
| 156 | end
|
||
| 157 | c94658e1 | Nacho Barrientos | |
| 158 | describe 'default table can be changed' do |
||
| 159 | let(:params) do |
||
| 160 | {
|
||
| 161 | type: 'ipv6_addr', |
||
| 162 | elements: ['2001:1458::1', '2001:1458:1::2'], |
||
| 163 | table: 'ip-nat' |
||
| 164 | } |
||
| 165 | end
|
||
| 166 | |||
| 167 | it { is_expected.to compile }
|
||
| 168 | it {
|
||
| 169 | is_expected.to contain_concat__fragment('nftables-ip-nat-set-my_set').with(
|
||
| 170 | target: 'nftables-ip-nat', |
||
| 171 | content: %r{^ set my_set \{\n type ipv6_addr\n elements = \{ 2001:1458::1, 2001:1458:1::2 \}\n \}$}m, |
||
| 172 | order: '10', |
||
| 173 | ) |
||
| 174 | } |
||
| 175 | end
|
||
| 176 | |||
| 177 | describe 'multiple tables no tables' do |
||
| 178 | let(:params) do |
||
| 179 | {
|
||
| 180 | type: 'ipv6_addr', |
||
| 181 | elements: ['2001:1458::1', '2001:1458:1::2'], |
||
| 182 | table: []
|
||
| 183 | } |
||
| 184 | end
|
||
| 185 | |||
| 186 | it { is_expected.not_to compile }
|
||
| 187 | end
|
||
| 188 | |||
| 189 | describe 'multiple tables' do |
||
| 190 | let(:params) do |
||
| 191 | {
|
||
| 192 | type: 'ipv6_addr', |
||
| 193 | elements: ['2001:1458::1', '2001:1458:1::2'], |
||
| 194 | table: ['inet-filter', 'ip-nat'] |
||
| 195 | } |
||
| 196 | end
|
||
| 197 | |||
| 198 | it { is_expected.to compile }
|
||
| 199 | it {
|
||
| 200 | is_expected.to contain_concat__fragment('nftables-inet-filter-set-my_set').with(
|
||
| 201 | target: 'nftables-inet-filter', |
||
| 202 | content: %r{^ set my_set \{\n type ipv6_addr\n elements = \{ 2001:1458::1, 2001:1458:1::2 \}\n \}$}m, |
||
| 203 | order: '10', |
||
| 204 | ) |
||
| 205 | is_expected.to contain_concat__fragment('nftables-ip-nat-set-my_set').with(
|
||
| 206 | target: 'nftables-ip-nat', |
||
| 207 | content: %r{^ set my_set \{\n type ipv6_addr\n elements = \{ 2001:1458::1, 2001:1458:1::2 \}\n \}$}m, |
||
| 208 | order: '10', |
||
| 209 | ) |
||
| 210 | } |
||
| 211 | end
|
||
| 212 | 20b96360 | Nacho Barrientos | end
|
| 213 | end
|
||
| 214 | end |